Bugtraq mailing list archives

Re: Tunnel ports allowed on NetApp NetCaches


From: Adrian Chadd <adrian () creative net au>
Date: Fri, 6 Jul 2001 13:52:09 +0800

On Thu, Jul 05, 2001, Kevin O'Brien wrote:

[snip]

> If you have +all you will want to look through your logs for anything using
> the CONNECT method instead of GET to see what ports outside people connected
> to.  Fortunately, we only saw ports 443 and 25 to hosts outside our network.
>
> BTW, I contacted NetApp on Friday about this and they are still trying to
> write a Field Alert to their customers...and I thought M$ was slow.

This has been a known problem in the squid camp for
a long time now. I believe the ircache caches had HTTP CONNECT
disabled for this exact reason.

In fact, the squid default configuration denies HTTP CONNECT
to target ports other than 443/563.




Adrian

-- 
Adrian Chadd                    Yeah, for me its (XML) like the movie Titanic.
<adrian () creative net au>       Everybody loves it.
                                    I want to be different, so I hate it.
                                        --Duane Wessels
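
The log review and port restriction discussed in this thread, as an added example that is not part of the original posts: a Python scan of proxy access logs for CONNECT requests to ports other than 443/563. It assumes Squid's native access.log layout (other proxies may log differently); the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

# CONNECT target ports the post says Squid's default configuration permits.
ALLOWED_CONNECT_PORTS = {443, 563}

# Constructed sample lines in Squid's native access.log layout (an assumption).
# Addresses come from documentation ranges; hostnames are placeholders.
SAMPLE_LOG = """\
994398729.112    312 192.0.2.10 TCP_MISS/200 4120 GET http://www.example.com/ - DIRECT/198.51.100.7 text/html
994398731.540  60211 203.0.113.44 TCP_MISS/200 1893 CONNECT mail.example.net:25 - DIRECT/198.51.100.25 -
994398740.007   8450 192.0.2.10 TCP_MISS/200 9921 CONNECT shop.example.com:443 - DIRECT/198.51.100.80 -
994398755.300    120 203.0.113.44 TCP_DENIED/403 1050 CONNECT irc.example.org:6667 - NONE/- -
994398760.000  truncated line
"""

# Fields: timestamp elapsed client action/status bytes method target ...
LINE_RE = re.compile(
    r"^\s*(?P<ts>\d+\.\d+)\s+\d+\s+(?P<client>\S+)\s+"
    r"(?P<action>[A-Z_]+)/(?P<status>\d{3})\s+\d+\s+"
    r"(?P<method>\S+)\s+(?P<target>\S+)"
)

def connect_findings(log_text, allowed=ALLOWED_CONNECT_PORTS):
    """Return CONNECT requests whose target port is not in `allowed`."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"].upper() != "CONNECT":
            continue  # unparseable line or not a tunnel request
        host, sep, port = m["target"].rpartition(":")
        if not sep or not port.isdigit():
            continue  # malformed CONNECT target; nothing to classify
        if int(port) not in allowed:
            findings.append({
                "client": m["client"], "host": host, "port": int(port),
                # TCP_DENIED means the proxy refused the tunnel.
                "tunnelled": not m["action"].startswith("TCP_DENIED"),
            })
    return findings

def ports_by_client(findings):
    """Count tunnels that were actually established, per (client, port)."""
    return Counter((f["client"], f["port"]) for f in findings if f["tunnelled"])

if __name__ == "__main__":
    for f in connect_findings(SAMPLE_LOG):
        print(f)
```

Entries with `tunnelled` set to true are the ones to follow up; denied attempts show the restriction working.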

